redaction fixes

src/service/rooms/event_handler/mod.rs

@@ -19,7 +19,7 @@ use ruma::{
 	},
 	events::{
 		room::{create::RoomCreateEventContent, server_acl::RoomServerAclEventContent},
-		StateEventType,
+		StateEventType, TimelineEventType,
 	},
 	int,
 	serde::Base64,
@@ -525,7 +525,18 @@ impl Service {
 		let soft_fail = !state_res::event_auth::auth_check(&room_version, &incoming_pdu, None::<PduEvent>, |k, s| {
 			auth_events.get(&(k.clone(), s.to_owned()))
 		})
-		.map_err(|_e| Error::BadRequest(ErrorKind::forbidden(), "Auth check failed."))?;
+		.map_err(|_e| Error::BadRequest(ErrorKind::forbidden(), "Auth check failed."))?
+			|| if let Some(redact_id) = &incoming_pdu.redacts {
+				incoming_pdu.kind == TimelineEventType::RoomRedaction
+					&& !services().rooms.state_accessor.user_can_redact(
+						redact_id,
+						&incoming_pdu.sender,
+						&incoming_pdu.room_id,
+						true,
+					)?
+			} else {
+				false
+			};
 
 		// 13. Use state resolution to find new room state